Offline Delegation

Arne Helme; Tage Stabell-Kulø

Offline Delegation

This article describes mechanisms for offline delegation of access rights to files maintained by a distributed ``File Repository''. The mechanisms are designed for a target environment where personal machines are used at times when critical services, such as authentication and authorization services, are not accessible. We demonstrate how valid delegation credentials can be transferred verbally without the use of shared secrets.

Our main result shows that delegation of access rights can be accomplished in a system that uses public-key encryption for secrecy and integrity, without forcing the user to rely on a trusted third party, and without requiring connection to the infrastructure. The implementation runs on a contemporary Personal Digital Assistant (PDA); the performance is satisfactory.

Arne Helme, University of Tromsø, Norway

Tage Stabell-Kulø, University of Tromsø, Norway

BibTeX

@inproceedings {271579,
author = {Arne Helme and Tage Stabell-Kul{\o}},
title = {Offline Delegation},
booktitle = {8th USENIX Security Symposium (USENIX Security 99)},
year = {1999},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/8th-usenix-security-symposium/offline-delegation},
publisher = {USENIX Association},
month = aug
}

Download

Links

Paper:

http://www.usenix.org/events/sec99/full_papers/helme/helme.pdf

Paper (HTML):

http://www.usenix.org/events/sec99/full_papers/helme/helme_html/index.html

USENIX Conference Policies

Offline Delegation

Arne Helme, University of Tromsø, Norway

Tage Stabell-Kulø, University of Tromsø, Norway

Links